VA's Notification Letter to Veterans

Dear Veteran:

The Department of Veterans Affairs (VA) has recently learned that an employee took home electronic data from the VA, which he was not authorized to do and was in violation of established policies.  The employee’s home was burglarized and this data was stolen.  The data contained identifying information including names, social security numbers, and dates of birth for up to 26.5 million veterans and some spouses, as well as some disability ratings.  As a result of this incident, information identifiable with you was potentially exposed to others.  It is important to note that the affected data did not include any of VA’s electronic health records or any financial information.

 

Appropriate law enforcement agencies, including the FBI and the VA Inspector General’s office, have launched full-scale investigations into this matter.  Authorities believe it is unlikely the perpetrators targeted the items because of any knowledge of the data contents.  It is possible that they remain unaware of the information which they possess or of how to make use of it.

Out of an abundance of caution, however, VA is taking all possible steps to protect and inform our veterans.  While you do not need to take any action unless you are aware of suspicious activity regarding your personal information, there are many steps you may take to protect against possible identity theft and we wanted you to be aware of these.  Specific information is included in the attached question and answer sheet.  For additional information, the VA has teamed up the Federal Trade Commission and has a website (www.firstgov.gov) with information on this matter or you may call 1-800-FED INFO (1-800-333-4636).  The call center will operate from 8 a.m. to 9 p.m. (EDT), Monday-Saturday, as long as it is needed.

We apologize for any inconvenience or concern this situation may cause, but we at the VA believe it is important for you to be fully informed of any potential risk resulting from this incident.  Again, we want to reassure you we have no evidence that your protected data has been misused.  We will keep you apprised of any further developments.  The men and women of the VA take our obligation to honor and serve America’s veterans very seriously and we are committed to seeing this never happens again.

Sincerely,

R. James Nicholson

Secretary of Veterans Affairs

 

 

 

Frequently Asked Questions

 

1.  I’m a veteran, how can I tell if my information was compromised?

At this point there is no evidence that any missing data has been used illegally.  However, the Department of Veterans Affairs is asking all veterans to be extra vigilant and to carefully monitor bank statements, credit card statements and any statements relating to recent financial transactions. If you notice unusual or suspicious activity, you should report it immediately to the financial institution involved and contact the Federal Trade Commission for further guidance.

 

2.  What is the earliest date at which suspicious activity might have occurred due to this data breach?

The information was stolen from an employee of the Department of Veterans Affairs during the month of May, 2006. If the data has been misused or otherwise used to commit fraud or identity theft crimes, it is likely that veterans may notice suspicious activity during the month of May.

 

3.  I haven’t noticed any suspicious activity in my financial statements, but what can I do to protect myself and prevent being victimized by credit card fraud or identity theft?

The Department of Veterans Affairs strongly recommends that veterans closely monitor their financial statements and visit the Department of Veterans Affairs special website on this, www.firstgov.gov or call 1-800-FED-INFO (1-800-333-4636).

 

4.  Should I reach out to my financial institutions or will the Department of Veterans Affairs do this for me?

 

The Department of Veterans Affairs does not believe that it is necessary to contact financial institutions or cancel credit cards and bank accounts, unless you detect suspicious activity.

 

5.  Where should I report suspicious or unusual activity?

The Federal Trade Commission recommends the following four steps if you detect suspicious activity:

Step 1 – Contact the fraud department of one of the three major credit bureaus:

Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA

30374-0241

Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, Texas 750132

TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

Step 2 – Close any accounts that have been tampered with or opened fraudulently

Step 3 – File a police report with your local police or the police in the community where the identity theft took place.

Step 4 – File a complaint with the Federal Trade Commission by using the FTC’s Identity Theft Hotline by telephone: 1-877-438-4338, online at www.consumer.gov/idtheft, or by mail at Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Avenue NW